Note: The Port Forward Table form is not applicable to MCD for Industry Standard Servers (ISS).
The Port Forward Table form allows external traffic to reach resources on the internal network. The table can contain up to 40 entries. Each entry consists of a protocol (TCP or UDP) and port number combination on the Internet Gateway (WAN interface) as well as an IP address and port number combination on the internal network.
After an entry has been added to the table, a host on the internet can send a packet to the WAN interface for the specified protocol/port number combination. The firewall re-addresses the packet, sending it to the IP address/port number combination of the actual resource or service on the internal network.
Use this form when performing the following tasks:
Each protocol/port number combination on the WAN interface must be unique.
The source start and end port range size must be the same as the destination start and end ports. The destination end port is automatically calculated; for example, if the source ports range from 10 to 50 and the destination start port is 100, then the destination end port will be 150. The size of the range must be the same.
There is a delay between the time that you save your changes to this form and the time that your changes take affect. If you are mapping the source ports to the same range of destination ports, it takes the system approximately 15 seconds for the configuration changes to take effect (see Example 1)
|
Parameter |
Description |
Default Value |
|
Protocol |
Select the WAN interface protocol (UDP or TCP). |
TCP |
|
Src Start Port |
Enter the source port at start of the range. The source start port for a TCP entry must not overlap with other TCP entries, and the source start port for a UDP entry must not overlap with other UDP entries. The source start port must be less than or equal to the respective end port. Valid port numbers are 1-65535. |
Blank |
|
Src End Port |
Enter the source port at end of the range. The source end port for a TCP entry must not overlap with other TCP entries. The source end port for a UDP entry must not overlap with other UDP entries. Valid port numbers are 1-65535. |
Blank |
|
Dst IP Address |
Enter the IP address of the destination device that receives the specified packets. |
Blank |
|
Dst Start Port |
Enter the destination port at start of the range. The destination start port must be less than or equal to the respective end port. Valid port numbers are 1-65535. The default is blank.
|
Blank |
|
Dst End Port |
System-generated, protected field. Indicates the destination ports at end of the range. Valid port numbers are 1-65535. The range of destination end ports match the range of source end ports. The default is blank.
|
|
|
Protocol |
Src Port (Start/End) |
Dst Port (Start/End) |
|
TCP |
10000/20000 |
10000/20000 |
|
TCP |
30000/40000 |
30000/40000 |
|
UDP |
20000/30000 |
20000/30000 |
|
UDP |
40000/50000 |
40000/50000 |
In Example 2, the source ports are mapped to a different range of destination ports. In this case, it takes approximately 10 to 13 seconds to map each 1000 ports so it would take approximately 6 to 7 minutes for the configuration changes to take effect:
|
Protocol |
Src Port (Start/End) |
Dst Port (Start/End) |
|
TCP |
10000/20000 |
11000/21000 |
|
TCP |
30000/40000 |
31000/41000 |
|
UDP |
20000/30000 |
21000/31000 |
|
UDP |
40000/50000 |
41000/51000 |
In Example 3, the range of ports that is being mapped is very large. In this case, it takes approximately 25 to 30 minutes for the configuration changes to take effect:
|
Protocol |
Src Port (Start/End) |
Dst Port (Start/End) |
|
TCP |
10000/30000 |
11000/31000 |
|
TCP |
30000/50000 |
31000/51000 |
|
UDP |
20000/40000 |
21000/41000 |
|
UDP |
40000/60000 |
41000/61000 |